CN117574352B

CN117574352B - Software and hardware combined anti-counterfeiting method, system, equipment and storage medium

Info

Publication number: CN117574352B
Application number: CN202410057326.1A
Authority: CN
Inventors: 迟江波; 路明远; 李德新
Original assignee: Suzhou Metabrain Intelligent Technology Co Ltd
Current assignee: Suzhou Metabrain Intelligent Technology Co Ltd
Priority date: 2024-01-16
Filing date: 2024-01-16
Publication date: 2024-04-05
Anticipated expiration: 2044-01-16
Also published as: CN117574352A

Abstract

The application provides a software and hardware combined anti-counterfeiting method, a system, equipment and a storage medium, and relates to the technical field of server anti-counterfeiting, wherein the method comprises the following steps: acquiring first anti-counterfeiting information of each piece of current hardware of the server and second anti-counterfeiting information of each piece of current software of the server; integrating the obtained first anti-counterfeiting information and the second anti-counterfeiting information to obtain an anti-counterfeiting information table; acquiring anti-counterfeiting verification information recorded in a target memory of the server; comparing the anti-counterfeiting information table with the anti-counterfeiting verification information to obtain a comparison result; and controlling the access to the operating system of the server according to the comparison result. The method aims at improving the stability of the server in the application process by binding hardware and software of the server for anti-counterfeiting verification.

Description

Software and hardware combined anti-counterfeiting method, system, equipment and storage medium

Technical Field

The application relates to the technical field of server anti-counterfeiting, in particular to an anti-counterfeiting method, system, equipment and storage medium combining software and hardware.

Background

The server is composed of a main board and various external devices to normally operate, wherein any one device is fake or inferior, which can cause the problem of compatibility of the server, thereby influencing the use of server products. And each external device comprises two parts related to the external device in the use process, namely hardware and software, wherein the hardware is a main board into which the external device is inserted, and the software is server firmware for ensuring the normal operation between the external device and the server. And ensuring that the compatibility problem between the external equipment and the server is not existed is the key for ensuring the stability of the server.

Disclosure of Invention

In view of this, the present application provides a software and hardware combined anti-counterfeiting method, system, device and storage medium. The method aims at improving the stability of the server in the application process by binding hardware and software of the server for anti-counterfeiting verification.

In a first aspect of an embodiment of the present application, a software and hardware combined anti-counterfeiting method is provided, and is applied to a server, where the method includes:

acquiring first anti-counterfeiting information of each piece of current hardware of the server and second anti-counterfeiting information of each piece of current software of the server;

integrating the obtained first anti-counterfeiting information and the second anti-counterfeiting information to obtain an anti-counterfeiting information table;

acquiring anti-counterfeiting verification information recorded in a target memory of the server;

comparing the anti-counterfeiting information table with the anti-counterfeiting verification information to obtain a comparison result;

and controlling the access to the operating system of the server according to the comparison result.

Optionally, comparing the anti-counterfeiting information table with the anti-counterfeiting verification information to obtain a comparison result includes:

controlling to enter an operating system of the server under the condition that the comparison result represents that the anti-counterfeiting information table is consistent with the anti-counterfeiting verification information;

And under the condition that the comparison result represents that the anti-counterfeiting information table is inconsistent with the anti-counterfeiting verification information, outputting corresponding prompt information on a screen through a BIOS, and prohibiting the server from entering an operating system of the server.

Optionally, the method further comprises:

restarting the server for a first preset number of times under the condition that any one or more of all the anti-counterfeiting information is not acquired, and acquiring all the anti-counterfeiting information after restarting each time;

under the condition that all the anti-counterfeiting information is not successfully obtained by restarting each time in the restarting of the first preset times, outputting corresponding prompt information on a screen through a BIOS (basic input output system), and prohibiting the server from entering an operating system of the server;

under the condition that all the anti-counterfeiting information is successfully obtained after restarting, executing the steps of: and integrating the obtained first anti-counterfeiting information and the second anti-counterfeiting information to obtain an anti-counterfeiting information table.

Optionally, the method further comprises:

restarting the server for a second preset times under the condition that the anti-counterfeiting check information is not acquired, and acquiring the anti-counterfeiting check information after restarting each time;

under the condition that the anti-counterfeiting verification information is not successfully obtained by restarting each time in the restarting of the second preset times, outputting corresponding prompt information on a screen through a BIOS (basic input output system), and prohibiting the server from entering an operating system of the server;

Under the condition that the anti-counterfeiting check information is successfully obtained after restarting, executing the steps of: and comparing the anti-counterfeiting information table with the anti-counterfeiting verification information to obtain a comparison result.

Optionally, entering the anti-counterfeiting verification information into a target memory of the server includes:

acquiring the respective standard anti-counterfeiting information of each hardware from factory parameters of each hardware matched with the server, and acquiring a digital signature of each software matched with the server as the respective standard anti-counterfeiting information of each software;

and integrating the standard anti-counterfeiting information of each hardware and the standard anti-counterfeiting information of each software into anti-counterfeiting verification information, and storing the anti-counterfeiting verification information into a target memory of the server, wherein the target memory is an electrically erasable programmable read-only memory.

Optionally, acquiring the anti-counterfeit verification information recorded in the target memory of the server includes:

and the BIOS of the server reads the anti-counterfeiting verification information pre-stored in the target storage through a first IPMI command.

Optionally, under the condition that each piece of hardware matched with the server comprises a network card and a main board, acquiring first anti-counterfeiting information of each piece of current hardware of the server comprises: and acquiring the first anti-counterfeiting information of the current network card of the server and the first anti-counterfeiting information of the current main board of the server.

Optionally, in the case that each piece of software matched with the server includes BIOS firmware and BMC firmware, obtaining second anti-counterfeiting information of each piece of current software of the server includes: and acquiring the digital signature of the current BIOS firmware of the server, and acquiring the digital signature of the current BMC firmware of the server.

Optionally, the first anti-counterfeiting information of the network card includes an MAC address of the network card and/or serial number information of the network card; the first anti-counterfeiting information of the main board comprises a serial number and/or manufacturer information of the main board.

Optionally, the method further comprises:

when firmware refreshing is carried out on a server through firmware to be refreshed, acquiring a digital signature of the firmware to be refreshed and acquiring the anti-counterfeiting verification information through a BIOS;

comparing the obtained digital signature of the firmware to be refreshed with a standard digital signature corresponding to the anti-fake verification information to obtain a first comparison result;

under the condition that the first comparison result represents that the digital signature of the firmware to be refreshed is inconsistent with the standard digital signature, the firmware to be refreshed is forbidden to refresh the corresponding firmware of the server;

and under the condition that the first comparison result represents that the digital signature of the firmware to be refreshed is consistent with the standard digital signature, refreshing the corresponding firmware of the server by the firmware to be refreshed.

Optionally, when the comparison result indicates that the anti-counterfeiting information table is inconsistent with the anti-counterfeiting verification information, outputting corresponding prompt information on a screen through a BIOS and prohibiting access to an operating system of the server, including:

and outputting prompt information of the corresponding network card abnormality on a screen through a BIOS (basic input output system) and prohibiting the network card abnormality from entering an operating system of the server under the condition that the comparison result represents that the first anti-counterfeiting information of the current network card in the anti-counterfeiting information table is inconsistent with the network card standard anti-counterfeiting information in the anti-counterfeiting verification information.

and outputting corresponding prompting information of mainboard abnormality on a screen through a BIOS (basic input output system) and prohibiting the operation system of the server under the condition that the comparison result represents that the first anti-counterfeiting information of the current mainboard in the anti-counterfeiting information table is inconsistent with the standard anti-counterfeiting information of the mainboard in the anti-counterfeiting verification information.

And outputting corresponding server firmware abnormal prompt information on a screen through a BIOS (basic input output system) and prohibiting the server firmware abnormal prompt information from entering an operating system of the server under the condition that the second anti-counterfeiting information of the current server firmware in the anti-counterfeiting information table and the server firmware standard anti-counterfeiting information in the anti-counterfeiting verification information are inconsistent by the comparison result.

Optionally, obtaining the first anti-counterfeiting information of the current network card of the server includes:

the server performs a startup POST;

in the process of starting up the POST, the BIOS of the server reads the first anti-counterfeiting information of the current network card of the server through a target command to obtain the first anti-counterfeiting information of the current network card of the server.

Optionally, obtaining the first anti-counterfeiting information of the current motherboard of the server includes:

the server performs a startup POST;

in the process of starting up the POST, the BIOS of the server reads FRU information of the BMC through a second IPMI command;

and the BIOS obtains the first anti-counterfeiting information of the current main board of the server by analyzing the FRU information.

Optionally, obtaining the digital signature of the current BMC firmware of the server includes:

the server performs a startup POST;

In the power-on POST process, the BIOS of the server reads the digital signature of the BMC firmware through a third IPMI command to obtain second anti-counterfeiting information of the current BMC firmware of the server.

In a second aspect of the embodiments of the present application, the present application provides a software and hardware combined anti-counterfeiting system, applied to a server, where the system includes:

the anti-fake information acquisition module is used for acquiring the first anti-fake information of each piece of current hardware of the server and the second anti-fake information of each piece of current software of the server;

the anti-fake information merging module is used for integrating the obtained first anti-fake information and the second anti-fake information to obtain an anti-fake information table;

the anti-fake verification information acquisition module is used for acquiring anti-fake verification information recorded in a target memory of the server;

the comparison and verification module is used for comparing the anti-counterfeiting information table with the anti-counterfeiting verification information to obtain a comparison result;

and the control module is used for controlling the access to the operating system of the server according to the comparison result.

Optionally, the control module includes:

the first control module is used for controlling the operation system of the server to enter under the condition that the comparison result represents that the anti-fake information table is consistent with the anti-fake verification information;

And the second control module is used for outputting corresponding prompt information on a screen through the BIOS and prohibiting the server from entering an operating system under the condition that the comparison result represents that the anti-counterfeiting information table is inconsistent with the anti-counterfeiting verification information.

In a third aspect of embodiments of the present application, the present application provides an electronic device, including: a processor, a memory and a computer program stored on the memory and running on the processor, which when executed by the processor implements the steps in a software and hardware combined anti-counterfeiting method according to the first aspect of the present application.

In a fourth aspect of embodiments of the present application, there is provided a computer non-volatile readable storage medium having stored thereon a computer program which, when executed by a processor, implements steps in a software and hardware combined anti-counterfeiting method according to the first aspect of the present application.

Aiming at the prior art, the application has the following advantages:

the anti-counterfeiting method combining software and hardware is applied to a server, and first anti-counterfeiting information of each piece of hardware of the server and second anti-counterfeiting information of each piece of software of the server are obtained; integrating the obtained first anti-counterfeiting information and the second anti-counterfeiting information to obtain an anti-counterfeiting information table; acquiring anti-counterfeiting verification information recorded in a target memory of a server; comparing the anti-counterfeiting information table with anti-counterfeiting verification information to obtain a comparison result; and controlling the access to the operating system of the server according to the comparison result. By the anti-counterfeiting method, when each hardware of the server is subjected to binding authenticity verification, each firmware (namely, a software program embedded in electronic hardware) of the server is also subjected to binding authenticity verification, so that the problem of compatibility between the hardware and the firmware of the server can be simultaneously guaranteed, the problem of compatibility between the hardware and the firmware of the server can be integrally guaranteed, and the stability of the server in the application process can be effectively improved.

The foregoing description is only an overview of the technical solutions of the present application, and may be implemented according to the content of the specification in order to make the technical means of the present application more clearly understood, and in order to make the above-mentioned and other objects, features and advantages of the present application more clearly understood, the following detailed description of the present application will be given.

Drawings

In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below.

Fig. 1 is a flowchart of a software and hardware combined anti-counterfeiting method provided in an embodiment of the present application;

FIG. 2 is another flow chart of a software and hardware combined anti-counterfeiting method according to an embodiment of the present application;

fig. 3 is a schematic diagram of modules involved in a software-hardware combined anti-counterfeiting method according to an embodiment of the present application;

fig. 4 is a schematic diagram of a software and hardware combined anti-counterfeiting system according to an embodiment of the present application;

fig. 5 is a schematic diagram of an electronic device according to an embodiment of the present application.

Detailed Description

Exemplary embodiments of the present application will be described in more detail below with reference to the accompanying drawings.

To facilitate an understanding of embodiments of the present application, the following description refers to the relevant terminology:

BIOS (Basic Input Output System) basic input output system.

EEPROM (Electrically Erasable Programmable read only memory) is an electrified erasable programmable read-only memory, which is a memory chip with no data loss after power failure.

BMC (Baseboard Management Controller) baseboard management controller, a dedicated controller for monitoring and managing servers.

Fig. 1 is a flowchart of a software and hardware combined anti-counterfeiting method provided in an embodiment of the present application, as shown in fig. 1, where the method is in a server, and the method includes:

step S1: and acquiring the first anti-counterfeiting information of each piece of current hardware of the server and the second anti-counterfeiting information of each piece of current software of the server.

In this embodiment, the anti-counterfeiting method combining software and hardware is applied to a server, and each external hardware device and each hardware device built in the server are connected to the server. And simultaneously acquiring respective anti-counterfeiting information of each Firmware on the current server, wherein the anti-counterfeiting information is the respective second anti-counterfeiting information of each software of the server, and the Firmware (Firmware) refers to a software program embedded in electronic hardware, so that each Firmware on the current server is actually the current software (namely the software program) of the server. The hardware currently configured on the server may include only the external hardware device on the server, or may include only the internal hardware device of the server, or may include both the external hardware device connected to the server and the internal hardware device of the server.

Step S2: and integrating the obtained first anti-counterfeiting information and the second anti-counterfeiting information to obtain an anti-counterfeiting information table.

In this embodiment, after the respective first anti-counterfeiting information of each piece of current hardware of the server and the respective second anti-counterfeiting information of each piece of current software of the server are obtained in step S1, all the obtained first anti-counterfeiting information and all the obtained second anti-counterfeiting information are integrated to form an anti-counterfeiting information table, wherein specific anti-counterfeiting information, namely, each piece of first anti-counterfeiting information and each piece of second anti-counterfeiting information, and the respective corresponding software and hardware identifier of each specific anti-counterfeiting information are recorded in the anti-counterfeiting information table, so as to distinguish the software and the hardware corresponding to each specific anti-counterfeiting information, and the specific anti-counterfeiting information and the software and hardware identifier in the anti-counterfeiting information table have a one-to-one correspondence. For example, the anti-counterfeiting information in the anti-counterfeiting information table comprises first anti-counterfeiting information A1, first anti-counterfeiting information A2, second anti-counterfeiting information B1 and second anti-counterfeiting information B2, the software and hardware identifier in the anti-counterfeiting information table comprises hardware identifier A1, hardware identifier A2, software identifier B1 and software identifier B2, and the corresponding relation recorded in the anti-counterfeiting information table comprises that the hardware identifier A1 corresponds to the first anti-counterfeiting information A1, the hardware identifier A2 corresponds to the first anti-counterfeiting information A2, the software identifier B1 corresponds to the second anti-counterfeiting information B1 and the software identifier B2 corresponds to the second anti-counterfeiting information B2.

Step S3: and acquiring anti-counterfeiting verification information recorded in a target memory of the server.

In this embodiment, the target memory of the server is pre-recorded with anti-counterfeit information for performing validity check, and the anti-counterfeit information is used for performing validity check on the anti-counterfeit information table obtained by integrating the step S2. And step S2, after the anti-counterfeiting information table of the server is obtained in an integrated way, the anti-counterfeiting verification information recorded in the target memory of the server is obtained.

Step S4: and comparing the anti-counterfeiting information table with the anti-counterfeiting verification information to obtain a comparison result.

In this embodiment, after the anti-counterfeiting information table and the anti-counterfeiting verification information in the target memory of the server are obtained through step S2 and step S3, the obtained anti-counterfeiting information table is compared with the anti-counterfeiting verification information, so as to obtain a comparison result whether the anti-counterfeiting information table and the anti-counterfeiting verification information are consistent.

Step S5: and controlling the access to the operating system of the server according to the comparison result.

In this embodiment, according to the comparison result between the anti-counterfeiting information table and the anti-counterfeiting verification information obtained in step S4, it is determined whether to allow access to the operating system of the server.

In combination with the above embodiment, in an implementation manner, the embodiment of the application further provides a software and hardware combined anti-counterfeiting method. In the anti-counterfeiting method combining software and hardware, step S5 may include steps S51 to S52:

step S51: and controlling to enter an operating system of the server under the condition that the comparison result represents that the anti-counterfeiting information table is consistent with the anti-counterfeiting verification information.

In this embodiment, under the condition that the obtained comparison result between the anti-counterfeiting information table and the anti-counterfeiting verification information represents that the anti-counterfeiting information table is consistent with the anti-counterfeiting verification information, it is determined that each piece of hardware and each piece of software of the current server are the software and the hardware originally matched with the server when the server leaves the factory, compatibility problems do not exist, and the server is controlled to enter an operating system of the server.

Step S52: and under the condition that the comparison result represents that the anti-counterfeiting information table is inconsistent with the anti-counterfeiting verification information, outputting corresponding prompt information on a screen through a BIOS, and prohibiting the server from entering an operating system of the server.

In this embodiment, under the condition that the obtained comparison result between the anti-counterfeiting information table and the anti-counterfeiting verification information indicates that the anti-counterfeiting information table is inconsistent with the anti-counterfeiting verification information, it is determined that software and hardware which are not originally matched with the server when the server leaves the factory exist in each piece of hardware and each piece of software of the current server, relevant prompt information of compatibility problems of the corresponding server is output in a screen through a BIOS at this time, and the control is performed to prohibit the server from entering an operating system of the server.

In combination with the above embodiment, in an implementation manner, the embodiment of the application further provides a software and hardware combined anti-counterfeiting method. In the anti-counterfeiting method combining software and hardware, the method further comprises steps S101 to S103:

step S101: and restarting the server for a first preset number of times under the condition that any one or more of all the anti-counterfeiting information is not acquired, and acquiring all the anti-counterfeiting information after restarting each time.

In this embodiment, in the process of acquiring the first anti-counterfeiting information of each current hardware of the server and the second anti-counterfeiting information of each current software of the server in step S1, it is determined whether the first anti-counterfeiting information corresponding to each of all the current hardware of the server to be acquired is successfully acquired, and whether the second anti-counterfeiting information corresponding to each of all the current software of the server to be acquired is successfully acquired. In the process of determining that one or more pieces of anti-counterfeiting information are not acquired, the server is restarted, and step S1 is executed again after each restart, namely the first anti-counterfeiting information of each piece of current hardware of the server and the second anti-counterfeiting information of each piece of current software of the server are acquired. The restarting times are the first preset times, namely, if all the anti-counterfeiting information to be acquired is not successfully acquired after restarting, restarting is performed again, and the anti-counterfeiting information is re-acquired again after restarting, but the restarting is not unlimited, if the restarting is performed for the first preset times, all the anti-counterfeiting information to be acquired is still not successfully acquired once, the restarting is ended, and the access to the operating system of the server is forbidden.

Wherein, for the one or more pieces of non-acquired anti-counterfeiting information, the N values are any one of 0 to N values, the N values are the number of pieces of hardware in the first anti-counterfeiting information of each piece of current hardware of the server to be acquired, the M values are any one of 0 to M values, the M values are the number of pieces of software in the second anti-counterfeiting information of each piece of current software of the server to be acquired, and the N and M cannot be 0 at the same time.

Step S102: and under the condition that all the anti-counterfeiting information is not successfully obtained by restarting each time in the restarting of the first preset times, outputting corresponding prompt information on a screen through a BIOS (basic input output system), and prohibiting the server from entering an operating system of the server.

In this embodiment, if the restart is performed for the first preset number of times and all the required anti-counterfeiting information (including all the first anti-counterfeiting information and all the second anti-counterfeiting information) cannot be successfully obtained at one time after all the restarts, the restart of the server is ended at this time, the relevant prompt information that the corresponding server does not obtain the anti-counterfeiting information is output in the screen through the BIOS, and the control is performed to prohibit the server from entering the operating system of the server.

Step S103: under the condition that all the anti-counterfeiting information is successfully obtained after restarting, executing the steps of: and integrating the obtained first anti-counterfeiting information and the second anti-counterfeiting information to obtain an anti-counterfeiting information table.

In this embodiment, if all the required anti-counterfeiting information is obtained by restarting at a certain time within the first preset times, restarting is ended and the execution of step S2 is performed, and all the obtained first anti-counterfeiting information and all the obtained second anti-counterfeiting information are integrated to obtain the anti-counterfeiting information table.

In combination with the above embodiment, in an implementation manner, the embodiment of the application further provides a software and hardware combined anti-counterfeiting method. In the anti-counterfeiting method combining software and hardware, the method further comprises steps S301 to S303:

step S301: and restarting the server for a second preset times under the condition that the anti-counterfeiting check information is not acquired, and acquiring the anti-counterfeiting check information after restarting each time.

In this embodiment, in the process of acquiring the anti-counterfeit information pre-recorded in the target memory of the server in step S3, it is determined whether the anti-counterfeit information is successfully acquired. Under the condition that the anti-counterfeiting check information is not successfully acquired, the server is restarted, and steps S1 to S3 are executed again after each restart, namely, if the anti-counterfeiting check information is not successfully acquired after restarting, the server is restarted again, and steps S1 to S3 are executed again after restarting, so that the anti-counterfeiting information (including all the first anti-counterfeiting information and all the second anti-counterfeiting information) and the anti-counterfeiting check information are re-acquired. And the restarting is not unlimited, if the anti-counterfeiting information can not be successfully obtained once after the second preset times of restarting is carried out on the anti-counterfeiting information, the restarting is ended, and the server is forbidden to enter an operating system of the server.

Step S302: and under the condition that the anti-counterfeiting verification information is not successfully obtained by restarting each time in the restarting of the second preset times, outputting corresponding prompt information on a screen through a BIOS, and prohibiting the server from entering an operating system of the server.

In this embodiment, if the restart is performed for the second preset number of times of the anti-counterfeit verification information, and if the required anti-counterfeit verification information cannot be successfully obtained once after all the restarts, the restart of the server is ended at this time, the corresponding server cannot obtain the relevant prompt information of the anti-counterfeit verification information in the screen through the BIOS, and the control is performed to prohibit the server from entering the operating system.

Step S303: under the condition that the anti-counterfeiting check information is successfully obtained after restarting, executing the steps of: and comparing the anti-counterfeiting information table with the anti-counterfeiting verification information to obtain a comparison result.

In this embodiment, if all the required anti-counterfeit information and anti-counterfeit check information are obtained after restarting a certain time within the second preset times for the anti-counterfeit check information, the execution of step S4 is performed at this time, and the obtained anti-counterfeit information table is compared with the obtained anti-counterfeit check information, so as to obtain a comparison result. It should be understood that, for the second preset number of restarts performed for which the anti-counterfeit information is not successfully acquired, each restart needs to determine whether all the anti-counterfeit information (including all the first anti-counterfeit information and all the second anti-counterfeit information) is successfully acquired, and only if all the anti-counterfeit information and the anti-counterfeit information are acquired after a certain restart within the second preset number of times, the step S4 is performed, and the obtained anti-counterfeit information table is compared with the obtained anti-counterfeit information, so as to obtain a comparison result.

In combination with the above embodiment, in an implementation manner, the embodiment of the application further provides a software and hardware combined anti-counterfeiting method. In the anti-counterfeiting method combining software and hardware, the anti-counterfeiting check information is input into a target memory of the server, and the method comprises the steps of S01 to S02:

step S01: and acquiring the respective standard anti-counterfeiting information of each piece of hardware from factory parameters of each piece of hardware matched with the server, and acquiring a digital signature of each piece of software matched with the server as the respective standard anti-counterfeiting information of each piece of software.

In this embodiment, in the anti-counterfeit method with combination of software and hardware provided in the embodiment of the present application, first, each piece of software of the server (that is, each piece of firmware in the server) will perform a digital signature, where the digital signature includes two functions, one is that the firmware of the illegal digital signature cannot be updated, and the other is used for performing the authentication verification. Before the server leaves the factory, the respective standard anti-counterfeiting information of each hardware is obtained from the factory parameters of each hardware matched with the server, and for each software matched with the server, the respective digital signature of each software is obtained from each software as the respective standard anti-counterfeiting information of each software.

Step S02: and integrating the standard anti-counterfeiting information of each hardware and the standard anti-counterfeiting information of each software into anti-counterfeiting check information, and storing the anti-counterfeiting check information into a target memory of the server. Wherein the target memory is an electrically erasable programmable read-only memory.

In this embodiment, after the standard anti-counterfeiting information of each hardware configured by the server and the standard anti-counterfeiting information of each software configured by the server are obtained in step S01, all the obtained standard anti-counterfeiting information is integrated into one comprehensive anti-counterfeiting check information, and the anti-counterfeiting check information is stored in the target memory of the server. Each standard anti-counterfeiting information in the anti-counterfeiting verification information is used for verifying the validity of the anti-counterfeiting information of the corresponding software and hardware (comprising the first anti-counterfeiting information of the hardware and the second anti-counterfeiting information of the software).

In this embodiment, the target memory in the server for storing the anti-counterfeit information is preferably EEPROM (Electrically Erasable Programmable read only memory) charged eeprom. The obtained anti-counterfeiting verification information is burnt to a target memory of the server, namely the electrified erasable programmable read-only memory on the server, so that the anti-counterfeiting verification information is not cleared even if the server equipment is powered down, and meanwhile, the anti-counterfeiting verification information is not cleared due to updating of firmware of the server.

In combination with the above embodiment, in an implementation manner, the embodiment of the application further provides a software and hardware combined anti-counterfeiting method. In the software and hardware combined anti-counterfeiting method, when the target memory is an eeprom, step S3 may include: and the BIOS of the server reads the anti-counterfeiting verification information pre-stored in the target storage through a first IPMI command.

In this embodiment, the BIOS of the server may read data in the EEPROM through an IPMI command, and in this application, when determining the EEPROM on the server as a target memory for storing anti-counterfeit information, the BIOS of the server reads anti-counterfeit information stored in advance in the EEPROM on the server through a corresponding IPMI command, where the IMPI command for reading the anti-counterfeit information stored in advance in the EEPROM on the server is a first IPMI command.

In combination with the above embodiment, in an implementation manner, the embodiment of the application further provides a software and hardware combined anti-counterfeiting method. In the anti-counterfeiting method combining software and hardware, when each piece of hardware matched with the server comprises a network card and a main board, the step S1 of obtaining the first anti-counterfeiting information of each piece of current hardware of the server comprises the following steps: and acquiring the first anti-counterfeiting information of the current network card of the server and the first anti-counterfeiting information of the current main board of the server.

In this embodiment, the network card is an important component for normal operation of the server, and is also an indispensable part of the server, and with the continuous development of the server, the manufacturer, model, speed, and other parameters of the network card represent diversified forms in the market. Because of the importance and diversity of the network cards, various fake network card products appear on the market, and compatibility problems easily occur between fake network cards and servers, so that the stability of server products is affected. Therefore, each piece of hardware for performing anti-counterfeiting verification preferably at least comprises a hardware device network card externally connected with the server, wherein the network card can be divided into two parts of hardware and software in the use process, and the hardware is a main board into which the network card is inserted. Therefore, in the case that each piece of hardware for performing anti-counterfeiting verification preferably includes at least a hardware device network card externally connected to the server, each piece of hardware for performing anti-counterfeiting verification preferably includes two hardware device network cards externally connected to the server and a hardware device motherboard internally arranged in the server. In this case, step S1 includes obtaining the first anti-counterfeiting information of each current hardware of the server, that is, the first anti-counterfeiting information of the network card currently inserted on the server motherboard, and obtaining the first anti-counterfeiting information of the motherboard in the server, that is, the first anti-counterfeiting information of the motherboard.

In combination with the above embodiment, in an implementation manner, the embodiment of the application further provides a software and hardware combined anti-counterfeiting method. In the anti-counterfeiting method combining software and hardware, in the case that each piece of software matched with the server comprises BIOS firmware and BMC firmware, the step S1 of obtaining the second anti-counterfeiting information of each piece of current software of the server comprises the following steps: and acquiring the digital signature of the current BIOS firmware of the server, and acquiring the digital signature of the current BMC firmware of the server.

In this embodiment, in the case that the hardware for performing the anti-counterfeit verification is preferably two hardware device network cards externally connected to the server and a hardware device motherboard internally installed in the server, the network cards and the related hardware devices can be divided into two parts, namely, the motherboard into which the network cards are inserted, in the use process, and the software is the server firmware for ensuring the normal operation of the network cards and the server. The respective software for performing the anti-counterfeit verification described above is preferably BIOS firmware and BMC firmware. In this case, step S1 of obtaining the second anti-counterfeiting information of each software of the server currently includes obtaining a digital signature of the BIOS firmware in the server currently, determining the digital signature as the second anti-counterfeiting information of the BIOS firmware, and obtaining a digital signature of the BMC firmware in the server currently, determining the digital signature as the digital signature of the BMC firmware.

In combination with the above embodiment, in an implementation manner, the embodiment of the application further provides a software and hardware combined anti-counterfeiting method. In the anti-counterfeiting method combining software and hardware, the first anti-counterfeiting information of the network card comprises the MAC address of the network card and/or the serial number information of the network card; the first anti-counterfeiting information of the main board comprises a serial number and/or manufacturer information of the main board.

In the present embodiment, in the case where each hardware for performing the anti-counterfeit verification includes a network card, since the MAC address of the network card is a unique network identification of the network card, it is unique and not easily copied. Therefore, the first anti-counterfeiting information of the network card in the present application preferably includes the MAC address of the network card and the serial number information of the network card, it should be understood that this is only a preferred embodiment of the first anti-counterfeiting information of the network card, and in another embodiment, the first anti-counterfeiting information of the network card may also be selected as the MAC address of the network card or the serial number information of the network card. It should be understood that, in the case that the data type included in the first anti-counterfeiting information of the network card is determined, when leaving the factory, the data type included in the standard anti-counterfeiting information of the network card configured with the server is determined accordingly, and the data types included in the standard anti-counterfeiting information are consistent. If the first anti-counterfeiting information of the network card comprises the MAC address of the network card and the serial number information of the network card, the standard anti-counterfeiting information of the network card matched with the server comprises the data type which is also the MAC address of the network card matched with the server and the serial number information of the network card matched with the server; if the first anti-counterfeiting information of the network card comprises the MAC address of the network card, the data type included in the standard anti-counterfeiting information of the network card matched with the server is also the MAC address of the network card matched with the server.

In this embodiment, in the case where each hardware for performing the anti-counterfeit verification includes a motherboard, the first anti-counterfeit information of the motherboard preferably includes a serial number of the motherboard and vendor information of the motherboard, where the vendor information of the motherboard is set as unified keyword information. It should be understood that this is only a preferred embodiment of the first security information of the main board, and in another embodiment the first security information of the main board may also be selected as the serial number of the main board or as the manufacturer information of the main board. It should be understood that, in the case that the data type included in the first anti-counterfeiting information of the main board is determined, the data type included in the standard anti-counterfeiting information of the main board configured with the server is determined accordingly when shipped, and the data types included in the standard anti-counterfeiting information are consistent. If the first anti-counterfeiting information of the main board comprises a serial number of the main board and manufacturer information of the main board, the standard anti-counterfeiting information of the main board matched with the server comprises data types which are also the serial number of the main board matched with the server and the manufacturer information of the main board matched with the server; if the first anti-counterfeiting information of the main board comprises the serial number of the main board, the data type included in the standard anti-counterfeiting information of the main board matched with the server is also the serial number of the main board matched with the server.

In combination with the above embodiment, in an implementation manner, the embodiment of the application further provides a software and hardware combined anti-counterfeiting method. In the anti-counterfeiting method combining software and hardware, the method further comprises steps S6 to S9:

step S6: when the firmware refreshing is carried out on the server through the firmware to be refreshed, the digital signature of the firmware to be refreshed and the anti-counterfeiting verification information are obtained through the BIOS.

In this embodiment, in order to prevent a user from affecting server stability by refreshing nonstandard firmware in a server in a state that the server is already started, after the server is already started, when a user refreshes new firmware in the server, the digital signature of the firmware to be refreshed is obtained through the BIOS, and meanwhile, anti-counterfeiting verification information in a target memory is obtained through the BIOS. The firmware to be refreshed comprises BIOS firmware and/or BMC firmware; when the firmware to be refreshed is the standard firmware of the manufacturer, the digital signature in the firmware to be refreshed is consistent with the digital signature of the original firmware in the server.

Step S7: and comparing the obtained digital signature of the firmware to be refreshed with the corresponding standard digital signature in the anti-counterfeiting verification information to obtain a first comparison result.

In this embodiment, after the digital signature and the anti-counterfeit verification information of the firmware to be refreshed are obtained in step S6, the digital signature of the firmware to be refreshed is compared with the standard digital signature corresponding to the firmware type of the firmware to be refreshed in the anti-counterfeit verification information to obtain a corresponding first comparison result. If the firmware to be refreshed is the BIOS firmware, comparing the digital signature of the firmware to be refreshed with the standard digital signature of the corresponding BIOS firmware in the anti-counterfeiting verification information to obtain a corresponding first comparison result; under the condition that the firmware to be refreshed is BMC firmware, comparing the digital signature of the firmware to be refreshed with the standard digital signature of the corresponding BMC firmware in the anti-counterfeiting verification information to obtain a corresponding first comparison result; and under the condition that the firmware to be refreshed is the BIOS firmware and the BMC firmware, comparing the digital signatures of the two firmware to be refreshed with the standard digital signature of the corresponding BIOS firmware and the standard digital signature of the BMC firmware in the anti-counterfeiting verification information respectively to obtain a corresponding first comparison result.

Step S8: and under the condition that the first comparison result indicates that the digital signature of the firmware to be refreshed is inconsistent with the standard digital signature, prohibiting the firmware to be refreshed from refreshing the corresponding firmware of the server.

In this embodiment, when the obtained first comparison result indicates that the digital signature of the firmware to be refreshed is inconsistent with the standard digital signature in the anti-counterfeit verification information, the firmware to be refreshed is prohibited from refreshing the corresponding firmware of the server. If the firmware to be refreshed is the BIOS firmware, under the condition that the obtained first comparison result indicates that the digital signature of the BIOS firmware to be refreshed is inconsistent with the standard digital signature of the BIOS firmware in the anti-counterfeiting verification information, the BIOS firmware to be refreshed is forbidden to refresh the original BIOS firmware of the server; under the condition that the firmware to be refreshed is the BMC firmware, under the condition that the obtained first comparison result represents that the digital signature of the BMC firmware to be refreshed is inconsistent with the standard digital signature of the BMC firmware in the anti-fake verification information, the BMC firmware to be refreshed is forbidden to refresh the original BMC firmware of the server; under the condition that the firmware to be refreshed comprises the BIOS firmware and the BMC firmware, under the condition that the obtained first comparison result indicates that the digital signatures of all the firmware to be refreshed are inconsistent with the corresponding standard digital signatures in the anti-fake verification information, all the firmware to be refreshed is forbidden to refresh the corresponding original firmware in the server, under the condition that the obtained first comparison result indicates that the digital signatures of the BIOS firmware to be refreshed are inconsistent with the standard digital signatures of the BIOS firmware in the anti-fake verification information, the BIOS firmware to be refreshed is forbidden to refresh the original BIOS firmware in the server, and under the condition that the obtained first comparison result indicates that the digital signatures of the BMC firmware to be refreshed are inconsistent with the standard digital signatures of the BMC firmware in the anti-fake verification information, the BMC firmware to be refreshed is forbidden to refresh the original BMC firmware in the server.

Step S9: and under the condition that the first comparison result represents that the digital signature of the firmware to be refreshed is consistent with the standard digital signature, refreshing the corresponding firmware of the server by the firmware to be refreshed.

In this embodiment, when the obtained first comparison result indicates that the digital signature of the firmware to be refreshed is consistent with the standard digital signature in the anti-counterfeit verification information, the firmware to be refreshed is allowed to refresh the corresponding firmware of the server. If the firmware to be refreshed is the BIOS firmware, allowing the BIOS firmware to be refreshed to refresh the original BIOS firmware of the server under the condition that the obtained first comparison result indicates that the digital signature of the BIOS firmware to be refreshed is consistent with the standard digital signature of the BIOS firmware in the anti-counterfeiting verification information; under the condition that the firmware to be refreshed is the BMC firmware, under the condition that the obtained first comparison result represents that the digital signature of the BMC firmware to be refreshed is consistent with the standard digital signature of the BMC firmware in the anti-fake verification information, the BMC firmware to be refreshed is allowed to refresh the original BMC firmware of the server; under the condition that the firmware to be refreshed comprises the BIOS firmware and the BMC firmware, under the condition that the obtained first comparison result indicates that the digital signatures of all the firmware to be refreshed are consistent with the corresponding standard digital signatures in the anti-fake verification information, allowing all the firmware to be refreshed to refresh the corresponding original firmware in the server, under the condition that the obtained first comparison result indicates that the digital signature of only the BIOS firmware to be refreshed is consistent with the standard digital signature of the BIOS firmware in the anti-fake verification information, allowing the BIOS firmware to be refreshed to refresh the original BIOS firmware in the server, and under the condition that the obtained first comparison result indicates that the digital signature of only the BMC firmware to be refreshed is consistent with the standard digital signature of the BMC firmware in the anti-fake verification information, allowing the BMC firmware to be refreshed to refresh the original BMC firmware in the server.

In combination with the above embodiment, in an implementation manner, the embodiment of the application further provides a software and hardware combined anti-counterfeiting method. In the anti-counterfeiting method combining software and hardware, step S42 may include: and outputting prompt information of the corresponding network card abnormality on a screen through a BIOS (basic input output system) and prohibiting the network card abnormality from entering an operating system of the server under the condition that the comparison result represents that the first anti-counterfeiting information of the current network card in the anti-counterfeiting information table is inconsistent with the network card standard anti-counterfeiting information in the anti-counterfeiting verification information.

In this embodiment, in the case that each hardware for performing the anti-counterfeit verification includes a hardware device network card externally connected to the server, for step S42, if the comparison result between the obtained anti-counterfeit information table and the obtained anti-counterfeit verification information indicates that the first anti-counterfeit information of the external hardware device network card currently connected to the server is inconsistent with the standard anti-counterfeit information of the network card for performing the validity verification on the first anti-counterfeit information of the hardware device network card in the anti-counterfeit verification information, outputting, by the BIOS, a prompt message that the corresponding network card has an abnormal compatibility in the screen, and controlling to prohibit access to the operating system of the server.

In combination with the above embodiment, in an implementation manner, the embodiment of the application further provides a software and hardware combined anti-counterfeiting method. In the anti-counterfeiting method combining software and hardware, step S42 may include: and outputting corresponding prompting information of mainboard abnormality on a screen through a BIOS (basic input output system) and prohibiting the operation system of the server under the condition that the comparison result represents that the first anti-counterfeiting information of the current mainboard in the anti-counterfeiting information table is inconsistent with the standard anti-counterfeiting information of the mainboard in the anti-counterfeiting verification information.

In this embodiment, in the case that each piece of hardware for performing anti-counterfeit verification includes a hardware device motherboard built in a server, for step S42, if a comparison result between the obtained anti-counterfeit information table and the obtained anti-counterfeit verification information indicates that the first anti-counterfeit information of the hardware device motherboard built in the server is inconsistent with the motherboard standard anti-counterfeit information for performing validity verification on the first anti-counterfeit information of the hardware device motherboard in the anti-counterfeit verification information, outputting, by the BIOS, a prompt message that compatibility abnormality exists in the corresponding server motherboard in the screen, and controlling to prohibit access to the operating system of the server.

In combination with the above embodiment, in an implementation manner, the embodiment of the application further provides a software and hardware combined anti-counterfeiting method. In the anti-counterfeiting method combining software and hardware, step S42 may include: and outputting corresponding server firmware abnormal prompt information on a screen through a BIOS (basic input output system) and prohibiting the server firmware abnormal prompt information from entering an operating system of the server under the condition that the second anti-counterfeiting information of the current server firmware in the anti-counterfeiting information table and the server firmware standard anti-counterfeiting information in the anti-counterfeiting verification information are inconsistent by the comparison result.

In this embodiment, in the case that each piece of software for performing the anti-counterfeit verification includes each piece of firmware of the server, for step S42, if the comparison result between the obtained anti-counterfeit information table and the obtained anti-counterfeit verification information indicates that the second anti-counterfeit information of the server firmware of the current server is inconsistent with the standard anti-counterfeit information of the server firmware for performing the validity verification on the second anti-counterfeit information of the server firmware in the anti-counterfeit verification information, outputting, by the BIOS, a prompt message that the corresponding server firmware has an abnormal compatibility in the screen, and controlling to prohibit access to the operating system of the server. And outputting prompt information with abnormal compatibility of the corresponding server firmware in a screen through the BIOS and controlling to prohibit the server from entering an operating system of the server, or outputting prompt information with abnormal compatibility of the corresponding server firmware in the screen through the BIOS when the second anti-counterfeiting information of any one of the two firmware is inconsistent with the standard anti-counterfeiting information of the server firmware for verifying the validity of the two firmware in the anti-counterfeiting checking information, and controlling to prohibit the server from entering the operating system of the server.

In combination with the above embodiment, in an implementation manner, the embodiment of the application further provides a software and hardware combined anti-counterfeiting method. In the anti-counterfeiting method combining software and hardware, the step S11 of obtaining the first anti-counterfeiting information of the current network card of the server includes steps S1101 to S1102:

step S1101: and the server performs a startup POST.

Step S1102: in the process of starting up the POST, the BIOS of the server reads the first anti-counterfeiting information of the current network card of the server through a target command to obtain the first anti-counterfeiting information of the current network card of the server.

In this embodiment, the server first performs a power-on POST, that is, performs a power-on self-test. In the process of starting up the POST, the BIOS of the server reads the first anti-counterfeiting information of the network card of the hardware device which is currently connected with the server in an external mode through a corresponding protocol command, wherein the protocol command is a target command for reading the first anti-counterfeiting information of the network card, so that the first anti-counterfeiting information of the current network card of the server is obtained, and the first anti-counterfeiting information can be the MAC address of the network card, the serial number information of the network card, the MAC address of the network card and the serial number information of the network card.

In combination with the above embodiment, in an implementation manner, the embodiment of the application further provides a software and hardware combined anti-counterfeiting method. In the anti-counterfeiting method combining software and hardware, the step S11 of obtaining the first anti-counterfeiting information of the current main board of the server includes steps S1103 to S1105:

step S1103: and the server performs a startup POST.

Step S1104: in the power-on POST process, the BIOS of the server reads FRU information of the BMC through a second IPMI command.

Step S1105: the BIOS obtains the first anti-counterfeiting information of the current main board of the server by analyzing the FRU information

In this embodiment, the server first performs a power-on POST, that is, performs a power-on self-test. In the process of starting up the POST of the server, the BIOS of the server reads FRU information of the BMC in the server through a corresponding IPMI command to acquire the FRU information of the BCM, and the IPMI command for reading the FRU information of the BMC in the server is a second IPMI command. After FRU information of the BMC in the server is obtained, the first anti-counterfeiting information of the mainboard built in the current server is further extracted from the FRU information through the BIOS of the server. The FRU information is read from the target memory by the BMC chip after receiving the IPMI command corresponding to the BIOS. Under the condition that the first anti-counterfeiting information of the main board is the serial number of the main board, the BIOS of the server further extracts the serial number of the main board built in the current server from the FRU information; under the condition that the first anti-counterfeiting information of the main board is manufacturer information of the main board, the BIOS of the server further extracts the manufacturer information of the main board built in the current server from the FRU information; and under the condition that the first anti-counterfeiting information of the main board is the serial number and manufacturer information of the main board, extracting the serial number and manufacturer information of the main board built in the current server from the FRU information through the BIOS of the server. The serial number of the main board exists in a designated character segment in FRU information, the designated character segment in the FRU information is extracted through the BIOS of the server, and the serial number of the main board is extracted; meanwhile, the manufacturer information of the main board also exists in a specific character segment in the FRU information, the specific character segment in the FRU information is extracted through the BIOS of the server, and the manufacturer information of the main board is extracted.

In combination with the above embodiment, in an implementation manner, the embodiment of the application further provides a software and hardware combined anti-counterfeiting method. In the anti-counterfeiting method combining software and hardware, the step S12 of obtaining the digital signature of the current BMC firmware of the server includes steps S121 to S122:

step S121: and the server performs a startup POST.

Step S122: in the power-on POST process, the BIOS of the server reads the digital signature of the BMC firmware through a third IPMI command to obtain second anti-counterfeiting information of the current BMC firmware of the server.

In this embodiment, the server first performs a power-on POST, that is, performs a power-on self-test. In the process of starting up the POST, the BIOS of the server reads the digital signature of the BMC firmware in the current server through the corresponding IPMI command to acquire the digital signature of the BCM firmware serving as the second anti-counterfeiting information of the BCM firmware, and the IPMI command for reading the digital signature of the BMC firmware in the server is a third IPMI command. In this embodiment, the digital signature of the BIOS firmware in the current server is obtained through the BIOS of the server at the same time, so as to obtain the digital signature of the BIOS firmware as the second anti-counterfeiting information of the BIOS firmware.

In the anti-counterfeiting method combining software and hardware, if the network card of the server is replaced, the BIOS reads the MAC address and the serial number of the network card from the entity network card inserted by the current main board of the server in the starting process of the server, and then compares the MAC address and the serial number of the network card with the standard network card MAC address and the standard network card serial number used for checking the MAC address and the serial number of the network card in the target memory EEPROM of the server. Because the network card is replaced, the MAC address and the serial number of the network card actually read by the BIOS are inconsistent with the MAC address and the serial number of the standard network card stored in the EEPROM of the target memory of the server when leaving the factory, and the network card cannot be checked and cannot be normally started to enter the system. If the motherboard is replaced, the BIOS will obtain two character strings of Board Mfg and Board Serial from FRU information of BMC in the process of starting up POST of the server, namely the Serial number and manufacturer information of the motherboard, and then compare with the standard motherboard Serial number and standard motherboard manufacturer information for checking the Serial number and manufacturer information of the motherboard in the target memory EEPROM of the server. Because the motherboard is replaced, the serial number and manufacturer information of the motherboard actually read by the BIOS are inconsistent with the standard motherboard serial number and standard motherboard manufacturer information stored in the target memory EEPROM of the server when the motherboard leaves the factory, and the motherboard cannot be checked and can not be normally started to enter the system.

If the firmware BIOS of the server is replaced, the replacement of the firmware can comprise refreshing the firmware or directly replacing a chip (such as a BIOS and a BMC ROM chip) corresponding to the firmware, when the firmware is refreshed, the firmware to be refreshed can be subjected to digital signature verification with the firmware of the server, the firmware is allowed to be refreshed if the verification is consistent, and the firmware is not allowed to be refreshed if the verification is inconsistent. If the chip corresponding to the firmware is directly replaced, the server still cannot be started normally because the code program in the chip does not contain the digital signature and the digital signature information of the firmware in the EEPROM is inconsistent in the starting process of the server, wherein the firmware comprises BIOS firmware and/or BMC firmware.

In this embodiment, fig. 2 is a schematic diagram of an anti-counterfeit method combining software and hardware, as shown in fig. 2, firstly, when leaving a factory, standard anti-counterfeit information (preferably, the MAC address and the serial number of a network card) of a network card hardware device configured with a server is obtained, standard anti-counterfeit information (preferably, the serial number and manufacturer information of a motherboard) of a motherboard hardware device configured with the server is obtained, a digital signature of BIOS firmware configured with the server and a digital signature of BMC firmware configured with the server are obtained, the obtained standard anti-counterfeit information and the digital signature are bound, and then the obtained standard anti-counterfeit information and the digital signature are stored in a target memory EEPROM of the server to form anti-counterfeit verification information.

In the actual application process of the server, the server performs a startup POST, in the process, the first anti-counterfeiting information (preferably, the MAC address and the serial number of the network card) of the network card inserted on the main board of the server is read through the BIOS of the server, the first anti-counterfeiting information (preferably, the serial number and the manufacturer information of the main board) of the main board of the server is read through the BIOS of the server, the digital signature of the BIOS firmware of the server and the digital signature of the BMC firmware are served through the BIOS of the server, and after the reading is completed, the first anti-counterfeiting information of the network card, the first anti-counterfeiting information of the main board, the digital signature of the BIOS firmware and the digital signature of the BMC firmware are integrated to obtain an anti-counterfeiting information table. And then reading the anti-counterfeiting verification information stored in the target server EEPROM of the server through the BIOS of the server, comparing the obtained anti-counterfeiting information table with the anti-counterfeiting verification information, when the comparison results are consistent, checking to pass, performing normal starting of the server to enter the system, and when the comparison results are inconsistent, checking to fail, outputting corresponding prompt information on a screen through the BIOS, and prohibiting entering the operating system of the server. Meanwhile, when all the anti-fake information in the practical application process of the server is obtained, judging whether all the anti-fake information is successfully read or not, if all the anti-fake information is not successfully read, controlling the server to restart, after restarting, obtaining all the anti-fake information again in the practical application process of the server, judging whether all the anti-fake information is successfully read or not again, if all the anti-fake information is not successfully read, controlling the server to continue restarting, and circulating until all the anti-fake information is obtained after one restart occurs within the first preset times, if all the anti-fake information can be obtained after one restart still does not occur after the first preset times, ending the obtaining of all the anti-fake information in the practical application process of the server, directly determining that verification is failed at this time, outputting corresponding prompt information on a screen through a BIOS, and prohibiting the operation system of the server. Meanwhile, when the anti-fake check information in the practical application process of the server is obtained, judging whether the anti-fake check information is successfully read or not, if the anti-fake check information is not successfully read, controlling the server to restart, after restarting, obtaining the anti-fake check information again in the practical application process of the server, judging whether the anti-fake check information is successfully read or not again, if the anti-fake check information is not successfully read, controlling the server to continue restarting, and circulating until the anti-fake check information is obtained after restarting occurs within the second preset times, if the anti-fake check information can not be obtained after restarting for the second preset times, ending obtaining the anti-fake check information in the practical application process of the server, directly determining that the check is not passed at the moment, outputting corresponding prompt information on a screen through a BIOS, and prohibiting access to an operating system of the server.

In this embodiment, fig. 3 is a schematic diagram of modules involved in the software and hardware combined anti-counterfeiting method provided in this embodiment, as shown in fig. 3, when the BIOS of the server obtains the first anti-counterfeiting information of the network card, the corresponding BIOS program in the storage location storing the BIOS program is executed, and in the process of executing, a target command is sent out, and based on the target command, the first anti-counterfeiting information of the network card is obtained through the PCH (Platform Controller Hub) chip and the CPU of the server. And simultaneously, a second IPMI command is sent to the BMC chip in the execution process, and the BMC program reads FRU information in the EEPROM based on the received command and returns the FRU information to the BIOS, so that the first anti-counterfeiting information of the main board in the FRU information is obtained. And simultaneously, a third IPMI command is sent to the BMC chip in the execution process, and the BMC program acquires a digital signature based on the received command and returns the digital signature to the BIOS, so that the BIOS can perform anti-counterfeiting verification based on the acquired anti-counterfeiting information.

Based on the same inventive concept, a second aspect of the present application provides an anti-counterfeiting system with combination of hardware and software, as shown in fig. 4, applied to a server, the system 400 includes:

The anti-counterfeiting information acquisition module 401 is used for acquiring first anti-counterfeiting information of each piece of current hardware of the server and second anti-counterfeiting information of each piece of current software of the server;

the anti-counterfeiting information combining module 402 is configured to integrate the obtained first anti-counterfeiting information and the obtained second anti-counterfeiting information to obtain an anti-counterfeiting information table;

the anti-fake verification information acquisition module 403 is configured to acquire anti-fake verification information recorded in a target memory of the server;

the comparison and verification module 404 is configured to compare the anti-counterfeiting information table with the anti-counterfeiting verification information to obtain a comparison result;

and the control module 405 is configured to control access to an operating system of the server according to the comparison result.

Optionally, the control module 405 includes:

Optionally, the system 400 further includes:

the first restarting module is used for restarting the server for a first preset number of times under the condition that any one or more of all the anti-counterfeiting information is not acquired, and acquiring all the anti-counterfeiting information after restarting each time;

the third control module is used for outputting corresponding prompt information on a screen through the BIOS and prohibiting the server from entering an operating system under the condition that all the anti-counterfeiting information is not successfully acquired by each restarting in the restarting of the first preset times;

and the fourth control module is configured to control the anti-counterfeiting information combining module 402 to work under the condition that all the anti-counterfeiting information is successfully obtained after restarting.

Optionally, the system 400 further includes:

the second restarting module is used for restarting the server for a second preset times under the condition that the anti-counterfeiting check information is not acquired, and acquiring the anti-counterfeiting check information after restarting each time;

a fifth control module, configured to output, through the BIOS, corresponding prompt information on a screen and prohibit access to an operating system of the server when each restart in the second preset number of restarts fails to obtain the anti-counterfeit verification information;

And the sixth control module is configured to control the comparison and verification module 404 to operate under the condition that the anti-counterfeiting verification information is successfully obtained after restarting.

Optionally, the system 400 further includes: the anti-fake check information storage module is used for inputting the anti-fake check information into a target memory of the server; the anti-fake check information storage module includes:

the first acquisition module is used for acquiring the respective standard anti-counterfeiting information of each hardware from factory parameters of each hardware matched with the server, and acquiring the digital signature of each software matched with the server as the respective standard anti-counterfeiting information of each software;

and the anti-fake check information storage sub-module is used for integrating the standard anti-fake information of each hardware and the standard anti-fake information of each software into anti-fake check information and storing the anti-fake check information into a target memory of the server.

Optionally, the target memory in the anti-fake information storage module is an electrically erasable programmable read-only memory.

Optionally, the anti-counterfeit information obtaining module 403 is configured to read, by using a first IPMI command, the anti-counterfeit information stored in the target storage in advance by using the BIOS of the server.

Optionally, the anti-counterfeiting information acquisition module 401 includes:

the first anti-counterfeiting information acquisition module is used for acquiring first anti-counterfeiting information of the current network card of the server and acquiring the first anti-counterfeiting information of the current main board of the server under the condition that each piece of hardware matched with the server comprises the network card and the main board.

the first anti-counterfeiting information acquisition module is used for acquiring second anti-counterfeiting information of each piece of current software of the server under the condition that each piece of software matched with the server comprises BIOS firmware and BMC firmware, and comprises the following steps: and acquiring the digital signature of the current BIOS firmware of the server, and acquiring the digital signature of the current BMC firmware of the server.

Optionally, the first anti-counterfeiting information of the network card in the anti-counterfeiting information acquisition module 401 includes a MAC address of the network card and/or serial number information of the network card; the first anti-counterfeiting information of the main board comprises a serial number and/or manufacturer information of the main board.

Optionally, the second control module includes:

the first target control module is used for outputting prompt information of the corresponding network card abnormality through the BIOS on a screen and prohibiting the operation system of the server under the condition that the comparison result represents that the first anti-counterfeiting information of the current network card in the anti-counterfeiting information table is inconsistent with the network card standard anti-counterfeiting information in the anti-counterfeiting check information.

Optionally, the second control module includes:

and the second target control module is used for outputting corresponding prompting information of main board abnormality on a screen through the BIOS and prohibiting the operation system of the server under the condition that the comparison result represents that the first anti-fake information of the current main board in the anti-fake information table is inconsistent with the main board standard anti-fake information in the anti-fake check information.

Optionally, the second control module includes:

and the third target control module is used for outputting corresponding server firmware abnormal prompt information on a screen through the BIOS and prohibiting the server firmware abnormal prompt information from entering an operating system of the server under the condition that the comparison result represents that the second anti-fake information of the current server firmware in the anti-fake information table is inconsistent with the server firmware standard anti-fake information in the anti-fake verification information.

Optionally, the first anti-fake information acquisition module includes:

the first reading module is used for reading the first anti-counterfeiting information of the current network card of the server through a target command by the BIOS of the server in the process of starting the POST of the server so as to obtain the first anti-counterfeiting information of the current network card of the server.

Optionally, the first anti-fake information acquisition module includes:

the second reading module is used for reading FRU information of the BMC through a second IPMI command by the BIOS of the server in the process of starting up the POST of the server;

and the analysis module is used for the BIOS to obtain the first anti-counterfeiting information of the current main board of the server by analyzing the FRU information.

Optionally, the first anti-fake information acquisition module includes:

and the third reading module is used for reading the digital signature of the BMC firmware through a third IPMI command by the BIOS of the server in the process of starting the POST of the server so as to obtain the second anti-counterfeiting information of the current BMC firmware of the server.

Based on the same inventive concept, in a third aspect of the embodiments of the present application, as shown in fig. 5, the present application provides an electronic device 500, including: a processor 501, a memory 502 and a computer program stored on the memory and running on the processor, which when executed by the processor implements the steps in the software and hardware combined anti-counterfeiting method according to the first aspect of the present application.

Based on the same inventive concept, in a fourth aspect of the embodiments of the present application, the present application provides a computer non-volatile readable storage medium, where a computer program is stored on the computer non-volatile readable storage medium, and the computer program is executed by a processor to implement the steps in the software and hardware combined anti-counterfeiting method described in the first aspect of the present application.

In the above embodiments, it may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, produces a flow or function in accordance with embodiments of the present application, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus. The computer instructions may be stored in or transmitted from one computer non-volatile readable storage medium to another computer non-volatile readable storage medium, for example, the computer instructions may be transmitted from one website, computer, server, or data center via a wired (e.g., coaxial cable, fiber optic, digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.) means to another website, computer, server, or data center. The computer non-volatile readable storage medium may be any available medium that can be accessed by a computer or a data storage device such as a server, data center, etc. that contains an integration of one or more available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., solid State Disk (SSD)), etc.

It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

In this specification, each embodiment is described in a related manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for system embodiments, since they are substantially similar to method embodiments, the description is relatively simple, as relevant to see a section of the description of method embodiments.

The foregoing description is only of the preferred embodiments of the present application and is not intended to limit the scope of the present application. Any modifications, equivalent substitutions, improvements, etc. that are within the spirit and principles of the present application are intended to be included within the scope of the present application.

Claims

1. A software and hardware combined anti-counterfeiting method, which is applied to a server, the method comprising:

acquiring anti-counterfeiting verification information recorded in a target memory of the server, wherein the anti-counterfeiting verification information is information burnt into the target memory of the server in advance;

controlling the access to the operating system of the server according to the comparison result;

2. The software and hardware combined anti-counterfeiting method according to claim 1, wherein comparing the anti-counterfeiting information table with the anti-counterfeiting verification information to obtain a comparison result comprises:

3. The software and hardware combined anti-counterfeiting method according to claim 1, wherein the method further comprises:

4. The software and hardware combined anti-counterfeiting method according to claim 1, wherein the method further comprises:

5. The software and hardware combined anti-counterfeiting method according to claim 1, wherein the step of inputting the anti-counterfeiting verification information into a target memory of the server comprises the steps of:

6. The software and hardware combined anti-counterfeiting method according to claim 5, wherein obtaining anti-counterfeiting verification information recorded in a target memory of the server comprises:

7. The method for combining software and hardware to obtain the first anti-counterfeiting information of each piece of hardware of the server currently under the condition that each piece of hardware matched with the server comprises a network card and a main board according to claim 6, wherein the method comprises the following steps: and acquiring the first anti-counterfeiting information of the current network card of the server and the first anti-counterfeiting information of the current main board of the server.

8. The software and hardware combined anti-counterfeiting method according to claim 7, wherein, in the case that each piece of software matched with the server includes BIOS firmware and BMC firmware, obtaining second anti-counterfeiting information of each piece of software currently of the server includes: and acquiring the digital signature of the current BIOS firmware of the server, and acquiring the digital signature of the current BMC firmware of the server.

9. The anti-counterfeiting method according to claim 8, wherein the first anti-counterfeiting information of the network card comprises a MAC address of the network card and/or serial number information of the network card; the first anti-counterfeiting information of the main board comprises a serial number and/or manufacturer information of the main board.

10. The anti-counterfeiting method according to claim 9, wherein when the comparison result indicates that the anti-counterfeiting information table is inconsistent with the anti-counterfeiting verification information, outputting corresponding prompt information on a screen through a BIOS and prohibiting access to an operating system of the server, the method comprises:

11. The anti-counterfeiting method according to claim 9, wherein when the comparison result indicates that the anti-counterfeiting information table is inconsistent with the anti-counterfeiting verification information, outputting corresponding prompt information on a screen through a BIOS and prohibiting access to an operating system of the server, the method comprises:

12. The anti-counterfeiting method according to claim 9, wherein when the comparison result indicates that the anti-counterfeiting information table is inconsistent with the anti-counterfeiting verification information, outputting corresponding prompt information on a screen through a BIOS and prohibiting access to an operating system of the server, the method comprises:

13. The software and hardware combined anti-counterfeiting method according to claim 9, wherein obtaining the first anti-counterfeiting information of the current network card of the server comprises:

the server performs a startup POST;

14. The software and hardware combined anti-counterfeiting method according to claim 9, wherein obtaining the first anti-counterfeiting information of the current main board of the server comprises:

the server performs a startup POST;

15. The software and hardware combined anti-counterfeiting method according to claim 9, wherein obtaining the digital signature of the current BMC firmware of the server comprises:

the server performs a startup POST;

16. A software and hardware combined anti-counterfeiting system, applied to a server, comprising:

the anti-fake verification information acquisition module is used for acquiring anti-fake verification information recorded in a target memory of the server, wherein the anti-fake verification information is information burnt into the target memory of the server in advance;

The control module is used for controlling the access to the operating system of the server according to the comparison result;

the refreshing module is used for acquiring the digital signature of the firmware to be refreshed and acquiring the anti-counterfeiting verification information through the BIOS when the firmware to be refreshed is used for refreshing the server; the digital signature of the firmware to be refreshed is compared with the corresponding standard digital signature in the anti-fake verification information, and a first comparison result is obtained; and the method is used for prohibiting the firmware to be refreshed from refreshing the corresponding firmware of the server under the condition that the digital signature of the firmware to be refreshed represented by the first comparison result is inconsistent with the standard digital signature; and the method is used for refreshing the corresponding firmware of the server by the firmware to be refreshed under the condition that the digital signature of the firmware to be refreshed represented by the first comparison result is consistent with the standard digital signature.

17. The anti-counterfeiting system according to claim 16, wherein the control module comprises:

18. An electronic device, comprising: a processor, a memory and a computer program stored on the memory and running on the processor, which when executed by the processor implements the steps of a software and hardware combined anti-counterfeiting method according to any one of claims 1 to 15.

19. A computer non-transitory readable storage medium, wherein the computer non-transitory readable storage medium has stored thereon a computer program which, when executed by a processor, implements the steps of a software and hardware combined anti-counterfeiting method according to any one of claims 1 to 15.